* Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
@ 2021-08-20 11:17 Lukas Bulwahn
2021-08-30 23:29 ` Thomas Gleixner
0 siblings, 1 reply; 4+ messages in thread
From: Lukas Bulwahn @ 2021-08-20 11:17 UTC (permalink / raw)
To: Thomas Gleixner, Ingo Molnar; +Cc: Peter Zijlstra, LKML, Sudip Mukherjee
Dear Thomas,
in commit dc7109aaa233 ("futex: Validate waiter correctly in
futex_proxy_trylock_atomic()") visible on next-20210819, you add:
+ /*
+ * Ensure that this is a waiter sitting in futex_wait_requeue_pi()
+ * and waiting on the 'waitqueue' futex which is always !PI.
+ */
+ if (!top_waiter->rt_waiter || top_waiter->pi_state)
+ ret = -EINVAL;
However, ret is unconditionally reassigned later and erases any
intended effect of this assignment. This is making that assignment
above a Dead Store, which clang-analyzer correctly warns about and
which motivates me to write you an email.
Did you intend to return -EINVAL here? So:
+ if (!top_waiter->rt_waiter || top_waiter->pi_state)
+ return -EINVAL;
Best regards,
Lukas
Static analysis tools are as foolish as they are... but every dog has its day...
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
2021-08-20 11:17 Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") Lukas Bulwahn
@ 2021-08-30 23:29 ` Thomas Gleixner
2021-09-01 18:28 ` André Almeida
0 siblings, 1 reply; 4+ messages in thread
From: Thomas Gleixner @ 2021-08-30 23:29 UTC (permalink / raw)
To: Lukas Bulwahn, Ingo Molnar; +Cc: Peter Zijlstra, LKML, Sudip Mukherjee
Lukas,
On Fri, Aug 20 2021 at 13:17, Lukas Bulwahn wrote:
> in commit dc7109aaa233 ("futex: Validate waiter correctly in
> futex_proxy_trylock_atomic()") visible on next-20210819, you add:
>
> + /*
> + * Ensure that this is a waiter sitting in futex_wait_requeue_pi()
> + * and waiting on the 'waitqueue' futex which is always !PI.
> + */
> + if (!top_waiter->rt_waiter || top_waiter->pi_state)
> + ret = -EINVAL;
>
> However, ret is unconditionally reassigned later and erases any
> intended effect of this assignment. This is making that assignment
> above a Dead Store, which clang-analyzer correctly warns about and
> which motivates me to write you an email.
>
> Did you intend to return -EINVAL here? So:
>
> + if (!top_waiter->rt_waiter || top_waiter->pi_state)
> + return -EINVAL;
Duh, yes.
> Static analysis tools are as foolish as they are... but every dog has its day...
IOW: Even a blind hen sometimes finds a grain of corn :)
Care to send a patch?
Thanks,
tglx
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
2021-08-30 23:29 ` Thomas Gleixner
@ 2021-09-01 18:28 ` André Almeida
2021-09-01 19:19 ` Thomas Gleixner
0 siblings, 1 reply; 4+ messages in thread
From: André Almeida @ 2021-09-01 18:28 UTC (permalink / raw)
To: Thomas Gleixner, Lukas Bulwahn, Ingo Molnar
Cc: Peter Zijlstra, LKML, Sudip Mukherjee, Colin King
Thomas,
Às 20:29 de 30/08/21, Thomas Gleixner escreveu:
> Lukas,
>
> On Fri, Aug 20 2021 at 13:17, Lukas Bulwahn wrote:
>> Did you intend to return -EINVAL here? So:
>>
>> + if (!top_waiter->rt_waiter || top_waiter->pi_state)
>> + return -EINVAL;
>
> Duh, yes.
>
>> Static analysis tools are as foolish as they are... but every dog has its day...
>
> IOW: Even a blind hen sometimes finds a grain of corn :)
>
> Care to send a patch?
>
A patch was already proposed with this fix:
https://lore.kernel.org/lkml/20210818131840.34262-1-colin.king@canonical.com/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
2021-09-01 18:28 ` André Almeida
@ 2021-09-01 19:19 ` Thomas Gleixner
0 siblings, 0 replies; 4+ messages in thread
From: Thomas Gleixner @ 2021-09-01 19:19 UTC (permalink / raw)
To: André Almeida, Lukas Bulwahn, Ingo Molnar
Cc: Peter Zijlstra, LKML, Sudip Mukherjee, Colin King
André!
On Wed, Sep 01 2021 at 15:28, André Almeida wrote:
> Às 20:29 de 30/08/21, Thomas Gleixner escreveu:
>> Care to send a patch?
>>
>
> A patch was already proposed with this fix:
> https://lore.kernel.org/lkml/20210818131840.34262-1-colin.king@canonical.com/
Thanks for the pointer. This fell through the cracks for unknown reasons.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-09-01 19:19 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-20 11:17 Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") Lukas Bulwahn
2021-08-30 23:29 ` Thomas Gleixner
2021-09-01 18:28 ` André Almeida
2021-09-01 19:19 ` Thomas Gleixner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).